Conditional Access Establishes Trust In the Network

Posted by Heather Howland on Mar 15, 2019 9:46:16 AM

Stolen or compromised credentials pose well-known risks to organizations and their employees. And as hackers and other malicious actors become more advanced and sophisticated in their techniques, the global threat is increasing. At a recent IT security conference, I spoke with a customer about an alert (TA18-276A) that the United States National Cybersecurity and Communications Integration Center (NCCIC) released late last year. The alert, titled “Using Rigorous Credential Control to Mitigate Trusted Network Exploitation,” outlines recommendations on how to overcome these challenges. In this blog, I’ll discuss how Conditional Access and detection of malicious use of tools and protocols can address the NCCIC’s recommendations.  

The alert provides information on how Advanced Persistent Threat (APT) actors are using multiple mechanisms to acquire legitimate user credentials. Once acquired, attackers can use the credentials to exploit trusted network relationships, in order to expand unauthorized access, maintain persistence, and exfiltrate data from targeted organizations. Some of the suggested NCCIC best practices for administrators to mitigate these threats include rigorous credential controls and privileged-access management, as well as remote-access control and audits of legitimate remote-access logs.

Read More

Topics: User Behavior, Risk, Multi-factor Authentication, Privileged Accounts, APT, User and Entity Behavior Analytics, Credential Compromise, Compliance

Making Privileged Access Management Complete: Find the JIM to your PAM

Posted by Monnia Deng on Jan 10, 2019 1:50:15 PM

You read that right. In a shameless reference to the Office, I want to be the JIM to your PAM. Jim and Pam’s relationship was undeniable from the start: both of them had a mutual understanding and fit. While they constantly denied their relationship, it was evident that being together made them stronger and better.

Read More

Topics: Privileged Users, Privileged Accounts

6 Tips for Securing Privileged Accounts in the Enterprise

Posted by Heather Howland on Mar 2, 2018 6:00:00 AM

Protecting privileged accounts and actively responding to any potential compromises has become a critical initiative for many CISOs. Stolen credentials are at the heart of most all modern attacks and breaches. Attackers can easily obtain credentials via phishing attacks, brute force, keyloggers, pass-the-hash techniques, or using a database of previously stolen credentials. And once an account is compromised, the attacker can see and do anything that is allowed for that user or account.

Read More

Topics: CISO, Privileged Users, Privileged Accounts

The Privileged Accounts you are NOT Monitoring

Posted by Boris Danilovich on Sep 15, 2017 11:28:02 AM

“We are delighted to announce that starting January 1st, all frontal services provided by our company will be given by male representatives.” Wait, what?

Read More

Topics: Privileged Users, Privileged Accounts, Active Directory

Gaining Visibility and Control of Privileged Users (video)

Posted by Heather Howland on Sep 8, 2017 9:01:59 AM

The management of privileged users and accounts is one of the most important tasks for any security organization. Unfortunately, for many organizations, understanding who their privileged users actually are and what they have access to is a black hole.  With the risks posed by cyberattacks and breaches, the need for monitoring and actively managing this important group is critical in order to keep the bad guys from breaking in and preventing abuse.  The Anthem security breach taught us just how serious privileged access breaches can be.

Read More

Topics: Privileged Users, Privileged Accounts

Protecting Service Accounts from Attackers and Insiders (video)

Posted by Heather Howland on Aug 25, 2017 1:30:20 PM

Service Accounts can represent tremendous security risk for enterprises. And many of our customers struggle with how to best identify, control and protect these accounts. Let’s take a closer look at what service accounts are and what organizations can do to protect service accounts from attackers and insiders. 

Read More

Topics: Privileged Accounts, User and Entity Behavior Analytics, Active Directory, ueba